An attack late last week that compromised the personal and business Gmail accounts of a web services company boss, revealed a subtle but dangerous security flaw in the two-factor authentication process used in Google Apps for business customers.
Google has since fixed the glitch that targeted Matthew Prince, chief executive of US-based web content delivery company CloudFlare, but the incident offers a timely reminder that two-factor authentication schemes are only as secure as their weakest component.